Cyber Incident Victim: Hackney Council

On October 13, 2020, Hackney Council in London publicly disclosed it had become the target of a serious cyber-attack disrupting numerous services and IT systems. Mayor Philip Glanville confirmed council officers were collaborating with the UK's National Cyber Security Centre (NCSC), external cybersecurity experts, and the Ministry of Housing, Communities and Local Government to investigate the incident’s scope and impact. The council emphasized the investigation remained in its early stages, with limited information available about the attack’s origin or full consequences. Immediate priorities included maintaining critical frontline services—particularly for vulnerable residents—safeguarding data integrity, and restoring compromised systems. No specific timeline for recovery was provided, though the council committed to ongoing public updates as the inquiry progressed. Service disruptions affected multiple council operations, though the exact nature and duration of these outages were not detailed in initial statements.

Cybersecurity specialist Jake Moore of ESET observed the incident exhibited characteristics consistent with modern ransomware attacks, noting the increasing trend of attackers both encrypting data and threatening its public release. He highlighted that underfunded local authorities like Hackney Council could face heightened risk due to potentially inadequate network protections, making them attractive targets for financially motivated threat actors exploiting vulnerabilities. The council did not confirm or deny ransomware involvement, disclose whether data exfiltration occurred, or identify specific compromised systems. No threat actor group or ransom demands were referenced in the council’s initial communication. Response efforts remained focused on containment, forensic analysis, and service restoration, with no publicized resolution or final impact assessment at the time of reporting.